CloudBurst 2015

Here are some of my notes from Sweden Azure User Group's CloudBurst 2015 at Microsoft premises in Stockholm. The recordings have been made available (courtesy of Live Arena), and if you're interested in the agenda for the two days, it is here.

The speakers had been invited and then got to decide for themselves what they wanted to speak about (given the Azure context, of course). The result was fairly varied, but with a certain emphasis on identity services / management and microservice characteristics.


Azure Service Fabric
Still in preview; not likely to be released this year. Is considered PaaS v2, superseding Microsoft's current Cloud Application platform (Web- and Worker Roles).

Things like Azure Service Bus, Azure SQL Database and Cortana run on Service Fabric. Now they are packaging it up for consumption, just like they did with Azure AD.

A microservice is logic and state that is independently versioned, deployed and scaled.

Today's cloud services are stateless - you shouldn't store data in the instances themselves, but instead rely on Azure Storage or similar services. Microsoft's fabric offering comes with a stateful variant as well, something which reduces latency and simplifies your architecture, since you can rely on the fabric to replicate data for you.

Service Fabric can be run in Azure, Amazon Web Services, on premise, on Linux and Windows. It was built because Microsoft needed to solve the Microservice problem for their own teams.

Service Fabric spreads out an application upon deployment, hosting one primary and several secondaries. Data is replicated between the instances. Once a node fails, one of the secondaries is promoted to primary, already having the current application state.

In reliable services, you use reliable collections. They are a continuation of concurrent collections, with replication built in, and they are multi-machine aware, asynchronous and transactional.

In Visual Studio, to start a SF Application, do File - New - Cloud - Service Fabric Application and pick Stateful/stateless service/actor or ASP.NET 5. You get an application project (which is your deployment) and your service project. You can have several services in an application.


A piece of Project Orleans ended up in the Actor service. Halo runs on the actor fabric.

To sign up for the preview, go to http://aka.ms/sfp-external.


Alan Smith: Going global. Developing game services in Azure
Azure Service Bus supports 2000 subscribers per service bus topic and 2000 message operations per second (one copy-to-subscriber counts as one operation).

Azure ManagementStudio seems to be a nice tool to read blobs and queues and stuff.

Even with logging all exceptions, achievements and other telemetry data in table storage, the storage cost for the Azure Bootcamp day was only 3 cents!

Row keys for ordering: Ascending=zero padded, descending=large number - value (ex. longest jump = 1000000 - jump length).
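The row key trick above as an added example (not from the talk). The sample jump lengths are constructed, and the function names and the 7-digit width are assumptions.

```python
# Added example (constructed values): table rows come back sorted by RowKey
# as text, so numeric order has to be encoded into the key string.

MAX_VALUE = 1000000          # the "large number" from the note
WIDTH = len(str(MAX_VALUE))  # fixed key width, here 7 digits


def ascending_key(value: int) -> str:
    """Zero-pad so that string order equals numeric order."""
    if not 0 <= value <= MAX_VALUE:
        raise ValueError("value does not fit the fixed key width")
    return f"{value:0{WIDTH}d}"


def descending_key(value: int) -> str:
    """Large number minus value, padded as well: unpadded, '10' sorts before '9'."""
    return ascending_key(MAX_VALUE - value)


def order_by(key_func, values):
    """Return values in the order a RowKey range scan would yield them."""
    return [v for _, v in sorted((key_func(v), v) for v in values)]


JUMPS = [734, 9, 1200, 85, 90]   # constructed jump lengths
```

Passing `str` as the key function shows the unpadded failure: the rows come back as 1200, 734, 85, 9, 90, which is neither ascending nor descending.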


Don Rosanova on the Service Bus Event Hub and telemetry
The event hub is a logical container, using the underlying infrastructure. We have tested it with 1 million messages per second without issues. It works well by having a bunch of partitions of ordered events. Scaled out. Each partition is like a transaction log. You consume through a consumer group. Groups are like topic subscriptions and can receive the same message once per group.

AMQP is our preferred way to communicate with the hub. It contains flow control. You can use the lightweight runtime API to ask for metadata per partition - ingress rate, current sequence id, last sequence id - so you can calculate how far you are behind, if at all.

You can use SOAP-UI against the Service Bus REST APIs.

Performance counters for Service Bus.


In the documentation, when we say entity, we mean a queue, topic or an event hub.

Use EventProcessorHost to consume the events.

You can turn performance counters on and off without restarting services.


Unlike with a queue, readers do not consume messages; the messages age off over time.
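The partition, consumer group and age-off behaviour from the notes above, as an added example (not the speaker's code and not the Event Hubs SDK). The model is a constructed in-memory toy and all names in it are hypothetical; it also shows how far behind a group is and what a slow group loses to retention.

```python
# Added example: toy in-memory model of one Event Hub partition (constructed,
# not the Event Hubs SDK; all class and method names are hypothetical).

class Partition:
    def __init__(self, retention: int):
        self.retention = retention   # time units an event is kept
        self.events = []             # ordered (sequence_id, enqueued_at, body)
        self.next_seq = 0
        self.checkpoints = {}        # consumer group -> last sequence id read

    def append(self, body: str, now: int) -> None:
        self.events.append((self.next_seq, now, body))
        self.next_seq += 1

    def age_off(self, now: int) -> None:
        """Retention, not reading, is what removes events."""
        self.events = [e for e in self.events if now - e[1] < self.retention]

    def read(self, group: str, max_events: int = 10) -> list:
        """Return events after this group's checkpoint; other groups are unaffected."""
        last = self.checkpoints.get(group, -1)
        batch = [e for e in self.events if e[0] > last][:max_events]
        if batch:
            self.checkpoints[group] = batch[-1][0]
        return [body for _, _, body in batch]

    def lag(self, group: str) -> int:
        """Last sequence id in the partition minus the group's current one."""
        return (self.next_seq - 1) - self.checkpoints.get(group, -1)

    def missed(self, group: str) -> int:
        """Events that aged off before this group read them."""
        oldest = self.events[0][0] if self.events else self.next_seq
        return max(0, oldest - (self.checkpoints.get(group, -1) + 1))


def demo() -> dict:
    p = Partition(retention=5)
    for t in range(4):                       # constructed events at t=0..3
        p.append(f"jump-{t}", now=t)
    dashboard = p.read("dashboard")          # fast group reads everything
    audit = p.read("audit", max_events=1)    # slow group, same events, own position
    p.age_off(now=6)                         # events from t=0 and t=1 are dropped
    lag, missed = p.lag("audit"), p.missed("audit")
    return {"dashboard": dashboard, "audit": audit, "audit_lag": lag,
            "audit_missed": missed, "audit_next": p.read("audit")}
```

In the demo the slow group is three sequence ids behind, but one of those events has already aged off, so a lag figure alone does not tell you whether telemetry was lost.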


Think about how many times you are reading and see which ones you can combine, especially if you are not dealing with all events per consumer group.


Real world 2 speed IT - Powered by Microsoft Azure and Integration
Marathon runner - slow and steady (safe and risk averse) vs. sprinter - fast and agile (fast time to market).

Building in Minecraft where you have certain floor boards that send events when you step on them, visualizing Internet of Things usage in the real world.

For two-speed IT, you could add a logic app to read state from a database and perform additional logic, rather than changing (and risking breaking) an existing, reliable business process.

theazurecoach.com - competition for free training for up to 10 people.

Mods in Minecraft are a bit like NuGet. There's a technic launcher that has mods like computercraft, which was used in the demo.

You write Minecraft computercraft apps in Lua (Visual Studio Addon; Stand-alone editor), and there are libraries to download that let you parse JSON and more!


Hybrid connectivity options with the Microsoft Cloud
Integration Mondays (YouTube Playlist) discusses Azure subjects every other Monday at least.




Point-to-site VPN lets you connect Remote Desktop to a VM in Azure through your corporate firewall, given that the VM is a part of a virtual network.
  

Developing modern solutions with Azure Active Directory
AAD and AD are two completely different offerings from Microsoft. AAD is huge and the world's largest identity platform.



ADAL lets you do authentication on any platform. It provides you with HTML views that you can incorporate in your apps, letting ADAL deal with the authentication itself.

Going forward, all Microsoft services will be authenticated using tokens issued by Azure AD.

You project your application in Azure, so that you can describe the consumers and resources (application definition) that it wants to access.

Your application needs to continuously refresh your access tokens against AAD. This enables the application to add restrictions, to lock out users etc.
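Why the refresh round-trip is what makes a lock-out take effect, as an added example (not from the talk). The issuer and session below are a constructed simulation, not ADAL's or Azure AD's API; every name and the 60-second lifetime are assumptions.

```python
# Added example: simulated token issuer and client (constructed; not ADAL's or
# Azure AD's API, and every name here is hypothetical).

ACCESS_LIFETIME = 60  # seconds an access token stays valid (assumption)


class Issuer:
    """Stands in for the directory: issues tokens and can lock users out."""
    def __init__(self):
        self.locked = set()

    def redeem(self, user: str, now: int) -> dict:
        if user in self.locked:
            raise PermissionError("invalid_grant")   # refresh refused
        return {"user": user, "expires_at": now + ACCESS_LIFETIME}


class Session:
    """Client side: reuse the cached token, refresh it once it has expired."""
    def __init__(self, issuer: Issuer, user: str, now: int):
        self.issuer, self.user = issuer, user
        self.token = issuer.redeem(user, now)

    def call_api(self, now: int) -> str:
        if self.token is None:
            return "signed-out"
        if now >= self.token["expires_at"]:
            try:
                self.token = self.issuer.redeem(self.user, now)
            except PermissionError:
                self.token = None                    # drop cached credentials
                return "signed-out"
        return "ok"


def lockout_timeline() -> list:
    issuer = Issuer()
    session = Session(issuer, "alice", now=0)
    results = [(10, session.call_api(10))]
    issuer.locked.add("alice")                       # account locked at t=20
    for t in (30, 59, 60, 90):
        results.append((t, session.call_api(t)))
    return results
```

The calls at t=30 and t=59 still succeed on the cached token; the lock-out only bites at the first refresh, so the access token lifetime bounds how long a locked-out user keeps access.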

In Azure Management Portal, click AD - new application (more information).

ADAL does the client side magic required to handle tokens.


If you're targeting Windows 10 exclusively, use WebAccountManager. Otherwise, use ADAL.

You can have users log into your app if they have ANOTHER cloud account, such as Office365.

You can secure web apps by introducing an ADAL middleware.

When you have a web app that needs to act on an API on behalf of that user, you need to store the user's token in the web app. Listen to the AuthorizationCodeReceived event.

For your own APIs, set your Azure app as multi-tenant.

For SPAs, use ADAL.js.


Top 6 decisions you'll make on Azure

Availability set: Make sure they update one at a time to keep at least one up at all times.

Maintaining VMs is a lot of work - a lot!
Original cloud services are pre-configured VMs. A lot of features are now available in the Web Apps offering as well, making that a better option.

Worker roles are still a strong model, apparently.

With app service environment, you get like a mini co-location in Azure where you can separate your subnets.



API apps can easily talk to each other within the same resource group.

You can log into an API through a social provider such as Twitter; however, this only really works in the mobile app space. For website - API scenarios, we need API management.

You can configure CORS and set up identity providers via the gateway settings.

Policies - you create products and associate them with a key - a license key. These policies can allow you only 5 calls per day and also configure the authentication provider.

API management does a lot of heavy lifting as far as standards-based authentication goes, including revocation of subscription keys with proper error messages.

If you're targeting logic or mobile apps today, use API apps. If not, you will get a better experience from the API management story today.

You can pull a web job into its own VM (dedicated app service plan).

Social login in Azure AD is available in preview.


Architecture Best Practices in Microsoft Azure


A big benefit you get out of the Map-Reduce pattern is that you can separate a big chunk of data into many smaller chunks for parallel processing, thereby minimizing latency impact.



If you don't test in an Azure environment, you will get a lot of unpleasant surprises. The emulators are not perfect, and they will also not indicate how your architectural decisions will affect the price of said architecture.

In an event sourced system, you can let your command response event update the cache on your read model, reducing the need for the read model to access the database.

Using telemetry, you can glean when to optimize for queries and when to optimize for commands.

Learn to live with stale data. What does now or realtime mean for your current customer? Oftentimes, it's not what you presume.

